Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/2CA287743ADF11EC85EB255FC4F9AE02.roa
File: 2CA287743ADF11EC85EB255FC4F9AE02.roa (raw, json)
Hash identifier: A/9femQKkaCuz3EWm5ek6obQeShDB8e94EEmtJEmzyY=
Subject key identifier: 6B:3E:20:DB:71:D8:67:0D:A4:F8:A6:EC:3C:F9:39:3F:5B:A4:88:A5
Certificate issuer: /CN=A918F978/serialNumber=6850AABF9BDABF26BFA09283021FE913D6956E32
Certificate serial: 1285
Authority key identifier: 68:50:AA:BF:9B:DA:BF:26:BF:A0:92:83:02:1F:E9:13:D6:95:6E:32
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aFCqv5vavya_oJKDAh_pE9aVbjI.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/2CA287743ADF11EC85EB255FC4F9AE02.roa
Signing time: Sat 28 Sep 2024 17:05:48 +0000
ROA not before: Sat 28 Sep 2024 17:05:48 +0000
ROA not after: Mon 01 Dec 2025 00:00:00 +0000
asID: 138197
IP address blocks: 103.129.208.0/22 maxlen: 22
103.129.208.0/23 maxlen: 23
103.129.208.0/24 maxlen: 24
103.129.209.0/24 maxlen: 24
103.129.210.0/23 maxlen: 23
103.129.210.0/24 maxlen: 24
103.129.211.0/24 maxlen: 24
2403:8840::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 08 Nov 2024 12:35:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4741 (0x1285)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918F978/serialNumber=6850AABF9BDABF26BFA09283021FE913D6956E32
Validity
Not Before: Sep 28 17:05:48 2024 GMT
Not After : Dec 1 00:00:00 2025 GMT
Subject: CN=66f8376c-8271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c9:35:7c:94:29:61:bd:7a:d5:7e:04:45:f2:
66:97:92:50:82:0f:f1:a3:7d:d9:ed:ae:88:e7:25:
2b:42:e2:4a:f5:80:e2:ad:45:8f:fe:30:9c:9b:b2:
27:21:a2:64:0c:1d:16:f4:b0:72:39:0b:d2:dd:d5:
bd:f3:61:ba:56:7c:79:f8:55:75:f9:b0:fb:b7:a6:
a6:41:72:1e:7a:42:f5:fc:62:10:e2:56:c1:16:cc:
06:db:62:70:5d:4f:3a:6b:e8:64:e4:46:22:db:5c:
72:b3:07:53:ed:78:07:54:ee:1b:7b:ba:02:23:89:
89:a9:e5:25:d1:c5:a5:7b:fa:d1:b5:c9:de:3b:2f:
0b:d1:b8:08:42:d1:86:80:df:d7:03:28:bb:b9:aa:
13:69:b4:4f:f8:7c:ae:f5:3d:d7:08:6a:40:72:fa:
b1:9a:b6:ba:1f:c5:c5:d4:a7:a7:d7:c5:90:05:3a:
f5:e5:aa:28:65:b4:ea:14:ea:5d:71:26:39:7e:dd:
74:5b:73:b5:f9:10:4d:63:f6:ab:1e:3c:ac:f9:7b:
d4:22:60:1c:9e:0f:df:c5:1e:86:af:c2:6f:de:66:
b6:72:88:56:b4:59:4c:24:f2:bc:f4:cf:c3:95:b8:
05:d3:86:a3:f3:54:6f:21:89:cf:2a:27:aa:2c:29:
9a:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:3E:20:DB:71:D8:67:0D:A4:F8:A6:EC:3C:F9:39:3F:5B:A4:88:A5
X509v3 Authority Key Identifier:
keyid:68:50:AA:BF:9B:DA:BF:26:BF:A0:92:83:02:1F:E9:13:D6:95:6E:32
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/aFCqv5vavya_oJKDAh_pE9aVbjI.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aFCqv5vavya_oJKDAh_pE9aVbjI.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918F978/7E22B374B69B11E8AE06C616C4F9AE02/2CA287743ADF11EC85EB255FC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.129.208.0/22
IPv6:
2403:8840::/32
Signature Algorithm: sha256WithRSAEncryption
57:47:0c:90:62:b0:1f:6f:f0:d2:05:f1:99:8e:81:f8:73:7c:
66:23:a0:eb:b0:97:01:e9:1e:71:6c:a3:87:65:80:a3:2e:1c:
b4:b7:7c:e8:32:a9:f1:34:6f:bc:80:0a:87:e9:31:c4:2b:d7:
06:59:de:50:e2:2b:f8:f3:a0:72:ef:cc:42:31:00:15:12:86:
f5:f6:32:c1:8f:80:4d:2e:38:37:ee:64:a5:f6:37:e1:03:a7:
f5:c3:49:a8:04:58:80:df:c0:01:53:1d:0b:49:70:15:bc:cb:
a2:ca:ea:27:07:62:b0:c4:ea:e4:fc:4e:49:4a:6a:be:6b:ec:
12:b0:c5:78:ac:6f:4c:75:5b:f4:cf:4b:5d:e7:34:7d:92:90:
f5:5b:ae:22:ed:13:e1:24:aa:62:10:37:52:83:69:70:59:88:
35:3e:15:ef:78:e0:b5:9c:0c:78:39:81:58:ac:fe:89:76:79:
f6:4c:85:ff:1d:2d:91:d2:34:0c:dd:18:11:5a:7f:83:bd:32:
62:67:89:85:20:a7:d3:10:c1:e6:eb:7b:8d:83:11:aa:7a:33:
4c:09:9b:3e:ec:50:8b:9e:f2:c3:d9:c0:38:00:61:e7:56:4b:
7e:8e:69:f2:ea:ab:6b:c1:43:a4:97:4d:b4:8d:5a:a5:16:ef:
d4:9c:a7:22
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICEoUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OEY5NzgxMTAvBgNVBAUTKDY4NTBBQUJGOUJEQUJGMjZCRkEwOTI4MzAyMUZFOTEz
RDY5NTZFMzIwHhcNMjQwOTI4MTcwNTQ4WhcNMjUxMjAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02NmY4Mzc2Yy04MjcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAqMk1fJQpYb161X4ERfJml5JQgg/xo33Z7a6I5yUrQuJK9YDirUWP/jCcm7In
IaJkDB0W9LByOQvS3dW982G6Vnx5+FV1+bD7t6amQXIeekL1/GIQ4lbBFswG22Jw
XU86a+hk5EYi21xyswdT7XgHVO4be7oCI4mJqeUl0cWle/rRtcneOy8L0bgIQtGG
gN/XAyi7uaoTabRP+Hyu9T3XCGpAcvqxmra6H8XF1Ken18WQBTr15aooZbTqFOpd
cSY5ft10W3O1+RBNY/arHjys+XvUImAcng/fxR6Gr8Jv3ma2cohWtFlMJPK89M/D
lbgF04aj81RvIYnPKieqLCmaaQIDAQABo4ICpDCCAqAwHQYDVR0OBBYEFGs+INtx
2GcNpPim7Dz5OT9bpIilMB8GA1UdIwQYMBaAFGhQqr+b2r8mv6CSgwIf6RPWlW4y
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4Rjk3OC83RTIyQjM3NEI2
OUIxMUU4QUUwNkM2MTZDNEY5QUUwMi9hRkNxdjV2YXZ5YV9vSktEQWhfcEU5YVZi
akkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL2FGQ3F2NXZhdnlhX29KS0RBaF9wRTlhVmJqSS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OEY5NzgvN0UyMkIzNzRCNjlCMTFFOEFFMDZDNjE2QzRGOUFFMDIvMkNBMjg3NzQz
QURGMTFFQzg1RUIyNTVGQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwLgYIKwYBBQUHAQcBAf8E
HzAdMAwEAgABMAYDBAJngdAwDQQCAAIwBwMFACQDiEAwDQYJKoZIhvcNAQELBQAD
ggEBAFdHDJBisB9v8NIF8ZmOgfhzfGYjoOuwlwHpHnFso4dlgKMuHLS3fOgyqfE0
b7yACofpMcQr1wZZ3lDiK/jzoHLvzEIxABUShvX2MsGPgE0uODfuZKX2N+EDp/XD
SagEWIDfwAFTHQtJcBW8y6LK6icHYrDE6uT8TklKar5r7BKwxXisb0x1W/TPS13n
NH2SkPVbriLtE+EkqmIQN1KDaXBZiDU+Fe944LWcDHg5gVis/ol2efZMhf8dLZHS
NAzdGBFaf4O9MmJniYUgp9MQwebre42DEap6M0wJmz7sUIue8sPZwDgAYedWS36O
afLqq2vBQ6SXTbSNWqUW79ScpyI=
-----END CERTIFICATE-----
Generated at Fri Nov 8 14:54:57 2024 by rpki-client on console-fra.rpki-client.org